Co-processing electronic signals for redundancy

ABSTRACT

A co-processing fraud risk scoring system for scoring electronic payment transactions for potential fraud is described. Additionally, a method and a computer-readable storage medium for scoring electronic payment transactions for potential fraud are described.

BACKGROUND

This disclosure relates to processing electronic signals transmittedthrough computer networks, and more specifically to calculating fraudscores associated with electronic transaction signals usingco-processing to provide redundancy.

At least some known payment processing networks for processing financialtransactions among parties use a fraud scoring system. Such fraudscoring systems compare data associated with an electronic transactionto one or more predefined rules to determine whether the electronictransaction is fraudulent (e.g., an attempted purchase made by someoneother than the account holder). When such fraud scoring systems becomeinoperable, for example when maintenance is being performed, the paymentprocessing network experiences an interruption in its ability to quicklydetermine whether an electronic transaction is likely fraudulent.

BRIEF DESCRIPTION OF THE DISCLOSURE

In one aspect, a fraud risk scoring system for scoring electronicpayment transactions for potential fraud is provided. The fraud riskscoring system includes a message processor computing device incommunication with a payment network, a first scoring computing devicecoupled to the message processor computing device, and a second scoringcomputing device coupled to the message processor computing device. Thefraud risk scoring system is configured to receive a first authorizationrequest message for a first payment transaction. The fraud risk scoringsystem is additionally configured to determine that the firstauthorization request message includes a first cardholder account numberthat includes an odd numbered bank identification number, transmit thefirst authorization request message to the first scoring computingdevice to generate a first fraud risk score for the first authorizationrequest message based on a first set of rules stored by a first databaseand a first profile associated with the first cardholder account,receive a second authorization request message for a second paymenttransaction, determine that the second authorization request messageincludes a second cardholder account number that includes an evennumbered bank identification number, and transmit the secondauthorization request message to the second scoring computing device togenerate a second fraud risk score for the second authorization requestmessage, based on a second set of rules stored by a second database anda second profile associated with the second cardholder account.

In another aspect, a method for scoring electronic payment transactionsfor potential fraud is provided. The method is implemented by a fraudrisk scoring system that includes a message processor computing devicein communication with a payment network, a first scoring computingdevice coupled to the message processor computing device, and a secondscoring computing device coupled to the message processor computingdevice. The method includes receiving, by the fraud risk scoring system,a first authorization request message for a first payment transaction.The method additionally includes determining, by the fraud risk scoringsystem, that the first authorization request message includes a firstcardholder account number that includes an odd numbered bankidentification number, transmitting, by the fraud risk scoring system,the first authorization request message to the first scoring computingdevice to generate a first fraud risk score for the first authorizationrequest message based on a first set of rules stored by a first databaseand a first profile associated with the first cardholder account,receiving, by the fraud risk scoring system, a second authorizationrequest message for a second payment transaction, determining, by thefraud risk scoring system, that the second authorization request messageincludes a second cardholder account number that includes an evennumbered bank identification number, and transmitting, by the fraud riskscoring system, the second authorization request message to the secondscoring computing device to generate a second fraud risk score for thesecond authorization request message, based on a second set of rulesstored by a second database and a second profile associated with thesecond cardholder account.

In yet another aspect, a computer-readable storage medium havingcomputer-executable instructions embodied thereon is provided. Whenexecuted by a one or more processors of a fraud risk scoring system thatincludes a message processor computing device in communication with apayment network, a first scoring computing device coupled to the messageprocessor computing device, and a second scoring computing devicecoupled to the message processor computing device, thecomputer-executable instructions cause the fraud risk scoring system to:receive a first authorization request message for a first paymenttransaction, determine that the first authorization request messageincludes a first cardholder account number that includes an odd numberedbank identification number, transmit the first authorization requestmessage to the first scoring computing device to generate a first fraudrisk score for the first authorization request message based on a firstset of rules stored by a first database and a first profile associatedwith the first cardholder account, receive a second authorizationrequest message for a second payment transaction, determine that thesecond authorization request message includes a second cardholderaccount number that includes an even numbered bank identificationnumber, and transmit the second authorization request message to thesecond scoring computing device to generate a second fraud risk scorefor the second authorization request message, based on a second set ofrules stored by a second database and a second profile associated withthe second cardholder account.

BRIEF DESCRIPTION OF THE DRAWINGS

FIGS. 1-9 show example embodiments of the methods and systems describedherein.

FIG. 1 is a schematic diagram illustrating an example multi-partypayment card industry system for enabling payment-by-card transactionsin which merchants and card issuers do not necessarily have a one-to-onerelationship.

FIG. 2 is a simplified block diagram of an example payment processingsystem including a payment processing server computing device, a fraudrisk scoring computing device, and a plurality of computing devices inaccordance with one example embodiment of the present disclosure.

FIG. 3 is an expanded block diagram of a server architecture of thepayment processing system including the plurality of computing devicesin accordance with one example embodiment of the present disclosure.

FIG. 4 illustrates a configuration of a client system shown in FIGS. 2and 3 in accordance with one example embodiment of the presentdisclosure.

FIG. 5 illustrates a configuration of a server system shown in FIGS. 2and 3 in accordance with one example embodiment of the presentdisclosure.

FIG. 6 is a data flow diagram for the routing and storage of data by thefraud risk scoring server in accordance with an example embodiment ofthe present disclosure.

FIG. 7 is a data flow diagram for demographic and non-financialinformation processed and stored by the fraud risk scoring server.

FIG. 8 is a flowchart of an example process implemented by the fraudrisk scoring server for scoring electronic payment transactions forpotential fraud in one example embodiment of the present disclosure.

FIG. 9 is a diagram of components of one or more example computingdevices that may be used in the system shown in FIG. 2.

DETAILED DESCRIPTION OF THE DISCLOSURE

The system described herein includes a fraud risk scoring system forscoring electronic payment transactions for potential fraud. Inparticular, the fraud risk scoring system uses distributed processing toeliminate interruptions in determining whether electronic paymenttransactions are fraudulent. The fraud risk scoring system includes amessage processor computing device in communication with a paymentnetwork. The fraud risk scoring system also includes a first scoringcomputing device coupled to the payment network and a second scoringcomputing device coupled to the payment network. The fraud risk scoringsystem is configured to receive a first authorization request messagefor a first payment transaction. Additionally, the fraud risk scoringsystem determines that the first authorization request message includesa first cardholder account number that includes an odd numbered bankidentification number (BIN). The fraud risk scoring system transmits thefirst authorization request message to the first scoring computingdevice to generate a first fraud risk score for the first authorizationrequest message based on a first set of rules stored by a first databaseand a first profile associated with the first cardholder account.Additionally, the fraud risk scoring system receives a secondauthorization request message for a second payment transaction. Further,the fraud risk scoring system determines that the second authorizationrequest message includes a second cardholder account number thatincludes an even number bank identification number. The fraud riskscoring system transmits the second authorization request message to thesecond scoring computing device to generate a second fraud risk scorefor the second authorization request message, based on a second set ofrules stored by a second database and a second profile associated withthe second cardholder account.

In some implementations, the fraud scoring system is further configuredto generate, by the first scoring computing device, a first profileupdate request message to update the first profile associated with thefirst cardholder account. Additionally, the fraud scoring systemtransmits the first profile update request message to the second scoringcomputing device. Further the fraud scoring system generates, by thesecond scoring computing device, a second profile update request messageto update the second profile associated with the second cardholderaccount and transmits the profile update request message to the firstscoring computing device.

In some implementations, the fraud risk scoring system determines thatthe first scoring computing device is not operating, and performs afallback process. Specifically, the fraud risk scoring system terminatesany processes for replicating data between the first database and thesecond database. Additionally, the fraud risk scoring system generatesprofile update request messages associated with both odd and evennumbered bank identification numbers at the second scoring computingdevice and stores the profile update request messages for processing bythe first scoring computing device when the first scoring computingdevice is operational. Subsequently, the fraud risk scoring systemdetermines that the first scoring computing device is operational andtransmits all stored profile update request messages from the secondscoring computing device to the first scoring computing device.Additionally, the fraud risk scoring system synchronizes the second setof rules stored in the second database with the first set of rulesstored in the first database.

In some implementations, the authorization request messages are realtime or near real time authorization request messages. Additionally, insome implementations, the fraud risk scoring system is configured togenerate, by the first scoring computing device and the second scoringcomputing device, authorization response messages for each respectiveauthorization request message received. Additionally, the fraud riskscoring system updates the corresponding cardholder profiles based onthe authorization request messages, and stores the updated cardholderprofiles in the first database and the second database.

In at least some implementations, the first scoring computing device andthe second scoring computing device update the cardholder profiles inresponse to profile update request messages without storing the profileupdate request messages in the first database or the second database.Additionally, in some implementations, the fraud scoring system receivescardholder demographics and nonmonetary data at the first scoringcomputing device and the second scoring computing device, and updatescardholder profiles using the received cardholder demographics andnonmonetary data.

The fraud risk scoring system, in some implementations, synchronizesrules between the first database and the second database by determiningthat the first rules stored in the first database do not match thesecond rules stored in the second database, and synchronizes the firstrules with the second rules. Additionally, in some implementations, thefraud risk scoring system is configured to replicate data between thefirst database and the second database at a predefined interval (e.g.,once per day, once per hour, once per minute, or once per second).

More specifically, the present disclosure provides an architecture thatprovides high availability for a fraud risk scoring system (“frauddetection system”) using distributed processing (e.g., co-processing).An authorization system (B24) transmits transactions to primary andsecondary sites of the fraud risk scoring system as follows. Theauthorization system transmits both real time (101) and near real time(102) transactions that pertain to cardholder accounts with odd bankidentification numbers (“BINs”) to a scoring engine of the primary site.The scoring engine of the primary site also receives profile update(108) transactions for cardholder accounts with even BINs. Theauthorization system transmits transactions for cardholder accounts witheven BINs to a secondary scoring engine at the secondary site. Thesecondary scoring engine receives both real time (101) and near realtime (102) transactions for cardholder accounts having even BINs. Thescoring engine at the secondary site additionally receives profileupdate (108) transactions for cardholder accounts with odd BINs. Thefraud risk scoring system processes profile update transactions andupdates the cardholder profiles only. The updates are not written to adatabase at this point. This ensures that cardholder profiles are up todate on both sites. Additionally, the fraud risk scoring systemprocesses 101/102 transactions and sends corresponding authorizationresponses to the payment network 128, and will update the cardholderprofiles and database for case creation. Cardholder demographics andnon-monetary information is delivered to both the primary and secondarysites to update cardholder demographic information. In order to supportcase management, system data is available in both the primary site andthe secondary site. For case management, both the primary and secondarysites are available, but processing only happens from one site, and theother site will be in hot standby mode. Replication between databases isbi-directional and operates within sub-second time. A rule replicatorprocess continuously monitors rule repositories for changes. If thereare any changes to the rules, the rule replicator replicates the rulesto the opposite site and simulates rule deployment to synchronize therule deployment.

In case of a failover from the primary site to the secondary site due toany infrastructure maintenance, the following process is performed.First, authorization transaction traffic is stopped at the primary site.Second, the fraud risk scoring server, a case manager, and an expertapplication are stopped at the primary site. Next, database replicationfrom the secondary site to the primary site is stopped. Additionally,all data from the primary site database is replicated to the secondarysite database. Once all data is replicated from the primary site to thesecondary site, bi-directional replication is stopped. Next, all odd BINtransactions are routed to the secondary site. At this point in time,the secondary site will be running and it will receive all odd BINtransactions that were rerouted from the primary site. Next, odd andeven BIN profile update transactions are generated to update profiles onthe primary site. These messages are on hold until the primary site isavailable for processing. Additionally, web applications receive HTTPrequests from the secondary site to work on cases and to deploy rules.Once the primary site maintenance is complete, all profile updatetransactions are released to update primary site profiles. Once theprofiles are updated, the system confirms that the rules are currentfrom the secondary site. Once the above process is complete, the primarysite is available to normalize traffic. Using the above operationalfailover process, the fraud risk scoring system is highly availablewithout any outage during any maintenance.

The methods and systems described herein may be implemented usingcomputer programming or engineering techniques including computersoftware, firmware, hardware or any combination or subset thereof,wherein the technical effect is achieved by performing at least one of:(a) receiving a first authorization request message for a first paymenttransaction; (b) determining that the first authorization requestmessage includes a first cardholder account number that includes an oddnumbered bank identification number; (c) transmitting the firstauthorization request message to the first scoring computing device togenerate a first fraud risk score for the first authorization requestmessage based on a first set of rules stored by a first database and afirst profile associated with the first cardholder account; (d)receiving a second authorization request message for a second paymenttransaction; (e) determining that the second authorization requestmessage includes a second cardholder account number that includes aneven numbered bank identification number; and (f) transmitting thesecond authorization request message to the second scoring computingdevice to generate a second fraud risk score for the secondauthorization request message, based on a second set of rules stored bya second database and a second profile associated with the secondcardholder account. The technical effects described herein apply to thetechnical field of processing electronic signals transmitted through acomputer network using distributed processing.

The systems and methods described herein provide the technical advantageof enabling an electronic payment processing network to provide highlyrobust and failure tolerant fraud scoring of electronic paymenttransaction signals to enable the payment processing network todetermine whether a particular payment transaction is fraudulent whilethe transaction is being processed, rather than after a payment purchasehas already been completed. More specifically, the systems and methodsdescribed herein enable the payment network to perform such fraudscoring even while maintenance is being performed on the fraud scoringsystem. By enabling such highly reliable and robust fraud scoring, thesystems and methods described herein enable a payment networkinfrastructure to operate more efficiently, by reducing the amount ofadditional transactions that would otherwise need to be transmitted andprocessed in order to correct (e.g., apply adjustments to) paymenttransactions that should have been declined due to fraud.

In situations in which the systems discussed herein collect personalinformation about users, or may make use of personal information, theusers may be provided with an opportunity to control whether programs orfeatures collect user information. In addition, certain data may betreated in one or more ways before it is stored or used, so thatpersonally identifiable information is removed. For example, a user'sidentity may be treated so that no personally identifiable informationcan be determined for the user, or a user's geographic location may begeneralized where location information is obtained (such as a city, aZIP code, or state level), so that a particular location of a usercannot be determined. Thus, the user may have control over howinformation is collected about the user and used by the systems.

As used herein, the terms “transaction card,” “financial transactioncard,” and “payment card” refer to any suitable transaction card, suchas a credit card, a debit card, a prepaid card, a charge card, amembership card, a promotional card, a frequent flyer card, anidentification card, a gift card, and/or any other device that may holdpayment account information, such as mobile phones, smartphones,personal digital assistants (PDAs), key fobs, and/or computers. Eachtype of transaction card can be used as a method of payment forperforming a transaction.

In one embodiment, a computer program is provided, and the program isembodied on a computer-readable medium. In an example embodiment, thesystem is executed on a single computer system, without requiring aconnection to a sever computer. In a further example embodiment, thesystem is being run in a Windows® environment (Windows is a registeredtrademark of Microsoft Corporation, Redmond, Wash.). In yet anotherembodiment, the system is run on a mainframe environment and a UNIX®server environment (UNIX is a registered trademark of AT&T located inNew York, N.Y.). The application is flexible and designed to run invarious different environments without compromising any majorfunctionality. In some embodiments, the system includes multiplecomponents distributed among a plurality of computing devices. One ormore components may be in the form of computer-executable instructionsembodied in a computer-readable medium. The systems and processes arenot limited to the specific embodiments described herein. In addition,components of each system and each process can be practiced independentand separate from other components and processes described herein. Eachcomponent and process can also be used in combination with otherassembly packages and processes.

The following detailed description illustrates embodiments of thedisclosure by way of example and not by way of limitation. It iscontemplated that the disclosure has general application to processingfinancial transaction data by a third party in industrial, commercial,and residential applications.

As used herein, an element or step recited in the singular and precededwith the word “a” or “an” should be understood as not excluding pluralelements or steps, unless such exclusion is explicitly recited.Furthermore, references to “example embodiment” or “one embodiment” ofthe present disclosure are not intended to be interpreted as excludingthe existence of additional embodiments that also incorporate therecited features.

FIG. 1 is a schematic diagram illustrating an example multi-partypayment card system 120 for enabling payment-by-card transactions inwhich merchants and card issuers do not necessarily have a one-to-onerelationship. The present disclosure relates to payment card system 120,such as a credit card payment system using the MasterCard® payment cardsystem payment network 128 (also referred to as an “interchange” or“interchange network”). MasterCard® payment card system payment network128 is a proprietary communications standard promulgated by MasterCardInternational Incorporated® for the exchange of financial transactiondata between financial institutions that are members of MasterCardInternational Incorporated®. (MasterCard is a registered trademark ofMasterCard International Incorporated located in Purchase, N.Y.).

In payment card system 120, a financial institution such as an issuer130 issues a payment account card, such as a credit card account or adebit card account, to a cardholder 122, who uses the payment accountcard to tender payment for a purchase from a merchant 124. To acceptpayment with the payment account card, merchant 124 must normallyestablish an account with a financial institution that is part of thefinancial payment system. This financial institution is usually calledthe “merchant bank” or the “acquiring bank” or “acquirer bank” or simply“acquirer”. When a cardholder 122 tenders payment for a purchase with apayment account card (also known as a financial transaction card),merchant 124 requests authorization from acquirer 126 for the amount ofthe purchase. The request may be performed over the telephone, but isusually performed through the use of a point-of-interaction terminal,which reads the cardholder's account information from the magneticstripe on the payment account card or EMV chip and communicateselectronically with the transaction processing computers of acquirer126. Alternatively, acquirer 126 may authorize a third party to performtransaction processing on its behalf. In this case, thepoint-of-interaction terminal will be configured to communicate with thethird party. Such a third party is usually called a “merchant processor”or an “acquiring processor.” In some instances, a merchant (e.g.,merchant 124) stores payment card information associated with acardholder (e.g., cardholder 122) and requests authorization fromacquirer 126 using the stored payment card information, rather thanreading the cardholder's account information from the payment carditself (i.e., a card-on-file (COF) transaction).

In some implementations, the computer systems of the payment network 128communicate with a fraud risk scoring system 210, which may includemultiple sites, each with respective scoring engines, as described inmore detail herein. The fraud risk scoring system 210 receives theauthorization request message from the computers of the payment network128 and applies one or more rules to determine whether the likelihoodthat the transaction is fraudulent (e.g., a fraud risk score). Morespecifically, the fraud risk scoring system 210 calculates the fraudrisk score based on a profile of the cardholder, transaction history,spending patterns, the location of the purchase, the time of thepurchase, the amount of the purchase, and/or other factors. The fraudrisk scoring system 210 then transmits the fraud risk score to thecomputers of the payment network 128. Based on the fraud risk score, thecomputers of the payment network 128 may decline the transaction withoutever transmitting the authorization request message to the issuer 130,or may transmit the authorization request message to the issuer 130 withthe fraud risk score.

More specifically, in the latter case, using payment card system paymentnetwork 128, the computers of acquirer 126 or the merchant processorwill communicate with the computers of issuer 130, to determine whetherthe cardholder's account 132 is in good standing and whether thepurchase is covered by the cardholder's available credit line or accountbalance. Based on these determinations, the request for authorizationwill be declined or accepted. If the request is accepted, anauthorization code is issued to merchant 124.

When a request for authorization is accepted, the available credit lineor available balance of cardholder's account 132 is decreased. Normally,a charge is not posted immediately to a cardholder's account becausebankcard associations, such as MasterCard International Incorporated®,have promulgated rules that do not allow a merchant to charge, or“capture,” a transaction until goods are shipped or services aredelivered. When a merchant ships or delivers the goods or services,merchant 124 captures the transaction by, for example, appropriate dataentry procedures on the point-of-interaction terminal. If a cardholdercancels a transaction before it is captured, a “void” is generated. If acardholder returns goods after the transaction has been captured, a“credit” is generated.

For PIN debit card transactions, when a request for authorization isapproved by the issuer, the cardholder's account 132 is decreased.Normally, a charge is posted immediately to cardholder's account 132.The bankcard association then transmits the approval to the acquiringprocessor for distribution of goods/services, or information or cash inthe case of an ATM.

After a transaction is captured, the transaction is cleared and settledbetween merchant 124, acquirer 126, and issuer 130. Clearing refers tothe communication of financial data for reconciliation purposes betweenthe parties. Settlement refers to the transfer of funds between themerchant's account, acquirer 126, and issuer 130 related to thetransaction.

FIG. 2 is a simplified block diagram of an example payment processingsystem 200 in accordance with one embodiment of the present disclosure.In the example embodiment, system 200 includes a payment processingserver computing device 202, a plurality of client subsystems, alsoreferred to as client systems 204 or client computing devices, connectedto payment processing server computing device 202, and a fraud riskscoring server 210, also referred to herein as a fraud risk scoringsystem. In one embodiment, client systems 204 are computers including aweb browser, such that payment processing server computing device 202 isaccessible to client systems 204 using the Internet. Client systems 204are interconnected to the Internet through many interfaces including anetwork, such as a local area network (LAN) and/or a wide area network(WAN), dial-in connections, cable modems, wireless-connections, andspecial high-speed ISDN lines. Client systems 204 may be any devicecapable of interconnecting to the Internet including a mobile computingdevice, such as a notebook computer, a web-based phone, a personaldigital assistant (PDA), or other web-connectable equipment. In oneembodiment, client computing device 204 includes a point-of-sale (POS)device, a cardholder computing device (e.g., a smartphone, a tablet, orother computing device), or any other computing device capable ofcommunicating with payment processing server computing device 202. Adatabase server 206 is connected to a database 208 containinginformation on a variety of matters, as described below in greaterdetail. In one embodiment database 208 is stored on payment processingserver computing device 202 and may be accessed by potential users atone of client systems 204 by logging onto payment processing servercomputing device 202 through one of client systems 204. In anyalternative embodiment, database 208 is stored remotely from paymentprocessing server computing device 202 and may be non-centralized.

FIG. 3 is an expanded block diagram of an example embodiment of a serverarchitecture of payment processing system 200 in accordance with oneembodiment of the present disclosure. Payment processing system 200includes payment processing server computing device 202, client systems204, and fraud risk scoring server 210. Payment processing servercomputing device 202 includes database server 206, an application server302, a web server 304, a fax server 306, a directory server 308, and amail server 310. A disk storage unit 312 is coupled to database server206 and directory server 308. Servers 206, 302, 304, 306, 308, and 310are coupled in a local area network (LAN) 314. In addition, a systemadministrator's workstation 316, a user workstation 318, and asupervisor's workstation 320 are coupled to LAN 314. Alternatively,workstations 316, 318, and 320 are coupled to LAN 314 using an Internetlink or are connected through an Intranet. In some implementations,fraud risk scoring server 210 is remote from payment processing servercomputing device 202 but communicatively coupled thereto. In otherimplementations, fraud risk scoring server 210 is incorporated intopayment processing server computing device 202.

Each workstation, 316, 318, and 320, is a personal computer having a webbrowser. Although the functions performed at the workstations typicallyare illustrated as being performed at respective workstations 316, 318,and 320, such functions can be performed at one of many personalcomputers coupled to LAN 314. Workstations 316, 318, and 320 areillustrated as being associated with separate functions only tofacilitate an understanding of the different types of functions that canbe performed by individuals having access to LAN 314.

Payment processing server computing device 202 is configured to becommunicatively coupled to various entities, including acquirers 322 andissuers 324, and to third parties 334 (e.g., auditors) using an Internetconnection 326. Server system 202 is also communicatively coupled withone or more merchants 336. The communication in the example embodimentis illustrated as being performed using the Internet, however, any otherwide area network (WAN) type communication can be utilized in otherembodiments, i.e., the systems and processes are not limited to beingpracticed using the Internet. In addition, and rather than WAN 328,local area network 314 could be used in place of WAN 328. As describedabove, in some implementations, fraud risk scoring server 210 is remotefrom payment processing server computing device 202 but communicativelycoupled thereto. In other implementations, fraud risk scoring server 210is incorporated into payment processing server computing device 202.

In the example embodiment, any authorized individual or entity having aworkstation 330 may access system 200. At least one of the clientsystems includes a manager workstation 332 located at a remote location.Workstations 330 and 332 include personal computers having a webbrowser. Furthermore, fax server 306 communicates with remotely locatedclient systems, including a client system 332, using a telephone link.Fax server 306 is configured to communicate with other client systems316, 318, and 320 as well.

FIG. 4 illustrates an example configuration of a client computing device402. Client computing device 402 may include, but is not limited to,client systems (“client computing devices”) 204, 316, 318, and 320,workstation 330, manager workstation 332, and third party computingdevices 334 (shown in FIG. 3).

Client computing device 402 includes a processor 405 for executinginstructions. In some embodiments, executable instructions are stored ina memory area 410. Processor 405 may include one or more processingunits (e.g., in a multi-core configuration). Memory area 410 is anydevice allowing information such as executable instructions and/or otherdata to be stored and retrieved. Memory area 410 may include one or morecomputer-readable media.

Client computing device 402 also includes at least one media outputcomponent 415 for presenting information to a user 401 (e.g., acardholder 122). Media output component 415 is any component capable ofconveying information to user 401. In some embodiments, media outputcomponent 415 includes an output adapter such as a video adapter and/oran audio adapter. An output adapter is operatively coupled to processor405 and operatively coupleable to an output device such as a displaydevice (e.g., a liquid crystal display (LCD), organic light emittingdiode (OLED) display, cathode ray tube (CRT), or “electronic ink”display) or an audio output device (e.g., a speaker or headphones).

In some embodiments, client computing device 402 includes an inputdevice 420 for receiving input from user 401. Input device 420 mayinclude, for example, a keyboard, a pointing device, a mouse, a stylus,a touch sensitive panel (e.g., a touch pad or a touch screen), a camera,a gyroscope, an accelerometer, a position detector, and/or an audioinput device. A single component such as a touch screen may function asboth an output device of media output component 415 and input device420.

Client computing device 402 may also include a communication interface425, which is communicatively coupleable to a remote device such asserver system 202 or a web server operated by a merchant. Communicationinterface 425 may include, for example, a wired or wireless networkadapter or a wireless data transceiver for use with a mobile phonenetwork (e.g., Global System for Mobile communications (GSM), 3G, 4G orBluetooth) or other mobile data network (e.g., WorldwideInteroperability for Microwave Access (WIMAX)).

Stored in memory area 410 are, for example, computer-readableinstructions for providing a user interface to user 401 via media outputcomponent 415 and, optionally, receiving and processing input from inputdevice 420. A user interface may include, among other possibilities, aweb browser and client application. Web browsers enable users 401 todisplay and interact with media and other information typically embeddedon a web page or a website from a web server associated with a merchant.A client application allows users 401 to interact with a serverapplication associated with, for example, a merchant.

FIG. 5 illustrates an example configuration of a server computing device502. Server computing device 502 is representative of payment processingserver computing device 202 (shown in FIGS. 2 and 3), database server206, application server 302, web server 304, fax server 306, directoryserver 308, mail server 310, and one or more computing devices includedin fraud risk scoring server 210.

Server computing device 502 includes a processor 504 for executinginstructions. Instructions may be stored in a memory area 506, forexample. Processor 504 may include one or more processing units (e.g.,in a multi-core configuration).

Processor 504 is operatively coupled to a communication interface 508such that server computing device 502 is capable of communicating with aremote device such as client computing device 402 or another servercomputing device 502. For example, communication interface 508 mayreceive requests from client systems 204 via the Internet, asillustrated in FIGS. 2 and 3.

Processor 504 may also be operatively coupled to a storage device 510.Storage device 510 is any computer-operated hardware suitable forstoring and/or retrieving data. In some embodiments, storage device 510is integrated in server computing device 502. For example, servercomputing device 502 may include one or more hard disk drives as storagedevice 510. In other embodiments, storage device 510 is external toserver computing device 502 and may be accessed by a plurality of servercomputing devices 502. For example, storage device 510 may includemultiple storage units such as hard disks or solid state disks in aredundant array of inexpensive disks (RAID) configuration. Storagedevice 510 may include a storage area network (SAN) and/or a networkattached storage (NAS) system.

In some embodiments, processor 504 is operatively coupled to storagedevice 510 via a storage interface 512. Storage interface 512 is anycomponent capable of providing processor 504 with access to storagedevice 510. Storage interface 512 may include, for example, an AdvancedTechnology Attachment (ATA) adapter, a Serial ATA (SATA) adapter, aSmall Computer System Interface (SCSI) adapter, a RAID controller, a SANadapter, a network adapter, and/or any component providing processor 504with access to storage device 510.

Memory areas 410 and 506 may include, but are not limited to, randomaccess memory (RAM) such as dynamic RAM (DRAM) or static RAM (SRAM),read-only memory (ROM), erasable programmable read-only memory (EPROM),electrically erasable programmable read-only memory (EEPROM), andnon-volatile RAM (NVRAM). The above memory types are example only, andare thus not limiting as to the types of memory usable for storage of acomputer program.

FIG. 6 is a data flow diagram 600 for the routing and storage of data byfraud risk scoring server 210. Fraud risk scoring server 210 includes afirst (“primary”) site 602 and a second (“secondary”) site 604.Additionally, in at least some implementations, fraud risk scoringserver 210 includes an authorization system 601 which directs firsttransaction messages 620 (e.g., authorization request messages) thatpertain to cardholder accounts 132 that include an odd numbered bankidentification number (“BIN”) to a first scoring engine 608 and thatdirects second transaction messages 622 (e.g., authorization requestmessages) that pertain to cardholder accounts 132 that include an evennumbered BIN to a second scoring engine 610. In some implementations,authorization system 601 is included in payment processing servercomputing device 202. In at least some implementations, the transactionmessages 620 and 622 are real time (i.e., 101 transaction messages) ornear real time (i.e., 102 transaction messages). First scoring engine608 is coupled to a first database 612 and stores cardholder profiles,transaction histories, and fraud risk scores in first database 612,based at least in part on first transaction messages 620. Similarly,second scoring engine 610 is coupled to a second database 614 and storescardholder profiles, transaction histories, and fraud risk scores insecond database 614. Data is replicated between first database 612 andsecond database 614 through replication messages 634 transmitted betweenthe two databases 612 and 614. In at least some implementations,database 208 (FIG. 2) includes one or more of first database 612 andsecond database 614.

Fraud risk scoring server 210 additionally includes a message processor606 that transmits first non-financial request messages 616, such asdemographics messages, to first scoring engine 608 and transmits secondnon-financial request messages 618, such as demographics messages, tosecond scoring engine 610. In at least some implementations, firstnon-financial request messages 616 and second financial request messages618 are the same. First scoring engine 608 receives first profile updatemessages 624 (i.e., 108 messages) for transactions pertaining to evenBINS and second scoring engine 610 receives second profile updatemessages 626 for transactions pertaining to odd BINS. Additionally,first scoring engine 608 accesses and updates first rules 628 fordetermining fraud risk scores for transactions (e.g., first transactions620) and second scoring engine 610 accesses and updates second rules 630for determining fraud risk scores for transactions (e.g., secondtransactions 622). Fraud risk scoring server 210 additionally includes arule replicator 632 that replicates first rules 628 to second rules 630.

As described above, fraud risk scoring server 210 transmits calculatedfraud scores from each of the first scoring engine 608 and the secondscoring engine 610 to payment processing server computing device 202 ofpayment network 128. In some implementations, payment processing servercomputing device 202 determines that the calculated fraud score exceedsa predefined threshold value and declines the corresponding paymenttransaction without ever transmitting the authorization request messageto the corresponding issuer 130. In some implementations, paymentprocessing server computing device 202 transmits the fraud risk score tothe issuer 130 along with the authorization request message, to informthe issuer 130 of the likelihood that the transaction is fraudulent.Given that the fraud risk scoring server 210 includes multiple sites 602and 604 with respective scoring engines 608 and 610, the fraud riskscoring server 210 is more robust and reliable than if fraud riskscoring server 210 included only one site with one scoring engine.Additionally, fraud risk scoring server 210 is configured to perform afallback (“failover”) process to provide uninterrupted fraud riskscoring services in the event that one of the sites 602 and 604 becomesinoperable, for example due to maintenance, as described in more detailherein.

FIG. 7 is a data flow diagram 700 for demographic and non-financialinformation processed and stored by the fraud risk scoring server 210.Fraud risk scoring server 210 uses the demographic and non-financialinformation to update cardholder profiles 916, which as described above,are used by fraud risk scoring server 210 to calculate fraud riskscores. A card management system 702, for example payment processingserver computing device 202, transmits a non-financial message (e.g.,first non-financial request 616) into a non-financial message queue 704.Message processor 606 transmits the non-financial request message 616 toa fraud queue manager 706. Fraud queue manager additionally receives oneor more handshake messages 708 from first scoring engine 608 andtransmits non-financial request 616 to first scoring engine 608, asdescribed with reference to FIG. 6. Additionally, as described withreference to FIG. 6, first scoring engine 608 accesses and updates firstdatabase 612, based at least in part on the non-financial requestmessage 616.

FIG. 8 is a flowchart of an example process 800 implemented by fraudrisk scoring server 210 for scoring electronic payment transactions forpotential fraud. Fraud risk scoring server 210 receives 802 a firstauthorization request message for a first payment transaction (e.g.,first transaction message 620). Additionally, fraud risk scoring server210 determines 804 that the first authorization request message 620includes a first cardholder account number 132 that includes an oddnumbered BIN. Additionally, fraud risk scoring server 210 transmits 806the first authorization request message 620 to the first scoringcomputing device (e.g., first scoring engine 608) to generate a firstfraud risk score (e.g., fraud risk scores 920) for the firstauthorization request message 620 based on a first set of rules storedby a first database (e.g., first rules 628) and a first profile (e.g.,profiles 916) associated with the first cardholder account 132.

Additionally, fraud risk scoring server 210 receives 808 a secondauthorization request message for a second payment transaction (e.g.,second transaction message 622). Further, fraud risk scoring server 210determines 810 that the second authorization request message 622includes a second cardholder account number 132 that includes an evennumbered BIN. Additionally, fraud risk scoring server 210 transmits 812the second authorization request message to the second scoring computingdevice (e.g., second scoring engine 610) to generate a second fraud riskscore 920 for the second authorization request message 622, based on asecond set of rules stored by a second database (e.g., second rules 630)and a second profile 916 associated with the second cardholder account132.

In some implementations, the fraud scoring system is further configuredto generate, by the first scoring computing device (e.g., first scoringengine 608), a first profile update request message (e.g., profileupdate request message 624) to update the first profile (e.g.,cardholder profiles 916) associated with the first cardholder account132. Additionally, the fraud scoring system 210 transmits the firstprofile update request message 624 to the second scoring computingdevice (e.g., second scoring engine 610). Further the fraud scoringsystem generates 210, by the second scoring computing device (e.g.,second scoring engine 610), a second profile update request message(e.g., profile update request message 626) to update the second profile(e.g., cardholder profiles 916) associated with the second cardholderaccount 132 and transmits the profile update request message 626 to thefirst scoring computing device 608.

In some implementations, the fraud risk scoring system 210 determinesthat the first scoring computing device 608 is not operating, andperforms a fallback process. Specifically, the fraud risk scoring system210 terminates any processes for replicating data between the firstdatabase 612 and the second database 614. Additionally, the fraud riskscoring system 210 generates profile update request messages associatedwith both odd and even numbered bank identification numbers at thesecond scoring computing device 610 and stores the profile updaterequest messages 624 and 626 for processing by the first scoringcomputing device 608 when the first scoring computing device 608 isoperational. Subsequently, the fraud risk scoring system 210 determinesthat the first scoring computing device 210 is operational and transmitsall stored profile update request messages 624 and 626 from the secondscoring computing device 610 to the first scoring computing device 608.Additionally, the fraud risk scoring system 210 synchronizes the secondset of rules stored in the second database (e.g., second rules 630) withthe first set of rules stored in the first database (e.g., first rules628).

In some implementations, the authorization request messages 620 and 622are real time or near real time authorization request messages.Additionally, in some implementations, the fraud risk scoring system 210is configured to generate, by the first scoring computing device 608 andthe second scoring computing device 610, authorization response messagesfor each respective authorization request message received.Additionally, the fraud risk scoring system 210 updates thecorresponding cardholder profiles 916 based on the authorization requestmessages, and stores the updated cardholder profiles in the firstdatabase 612 and the second database 614.

In at least some implementations, the first scoring computing device 608and the second scoring computing device 610 update the cardholderprofiles 916 in response to profile update request messages 624 and 626without storing the profile update request messages in the firstdatabase 612 or the second database 614. Additionally, in someimplementations, the fraud risk scoring system 210 receives cardholderdemographics and nonmonetary data 616 and 618 at the first scoringcomputing device 608 and the second scoring computing device 610, andupdates cardholder profiles 916 using the received cardholderdemographics and nonmonetary data 616 and 618.

The fraud risk scoring system 210, in some implementations, synchronizesrules between the first database 612 and the second database 614 bydetermining that the first rules 628 stored in the first database do notmatch the second rules 630 stored in the second database, andsynchronizes the first rules 628 with the second rules 630.Additionally, in some implementations, the fraud risk scoring system 210is configured to replicate data between the first database 612 and thesecond database 614 (e.g., replication messages 634) at a predefinedinterval.

FIG. 9 is a diagram 900 of components of one or more example computingdevices, for example fraud risk scoring server 210, that may be used inembodiments of the described systems and methods. FIG. 9 further shows aconfiguration of data in database 208, which in at least someimplementations, is representative of first database 612, first set ofrules 628, second database 614, and second set of rules 630. Database208 is in communication with several separate components within fraudrisk scoring server 210, which perform specific tasks.

Fraud risk scoring server 210 includes a first authorization requestreceiving component 902 for receiving a first authorization requestmessage for a first payment transaction. Additionally, fraud riskscoring server 210 includes an odd BIN determining component 904 fordetermining that the first authorization request message includes afirst cardholder account number that includes an odd numbered bankidentification number. Further, fraud risk scoring server 210 includes afirst authorization request transmitting component 906 for transmittingthe first authorization request message to the first scoring computingdevice to generate a first fraud risk score for the first authorizationrequest message based on a first set of rules stored by a first databaseand a first profile associated with the first cardholder account.Additionally, fraud risk scoring server 210 includes a secondauthorization request receiving component 908 for receiving a secondauthorization request message for a second payment transaction. Fraudrisk scoring server 210 also includes an even BIN determining component910 for determining that the second authorization request messageincludes a second cardholder account number that includes an evennumbered bank identification number. Additionally, fraud risk scoringserver 210 includes a second authorization request transmittingcomponent for transmitting the second authorization request message tothe second scoring computing device to generate a second fraud riskscore for the second authorization request message, based on a secondset of rules stored by a second database and a second profile associatedwith the second cardholder account.

In an example embodiment, data in database 208 is divided into aplurality of sections, including but not limited to, a transactionhistory section 914, a cardholder profiles section 916, a rules section918, and a fraud risk scores section 920. These sections stored indatabase 208 are interconnected to retrieve and store information inaccordance with the functions and processes described above.

The term processor, as used herein, refers to central processing units,microprocessors, microcontrollers, reduced instruction set circuits(RISC), application specific integrated circuits (ASIC), logic circuits,and any other circuit or processor capable of executing the functionsdescribed herein.

As used herein, the terms “software” and “firmware” are interchangeable,and include any computer program stored in memory for execution byprocessor 405, 504, including RAM memory, ROM memory, EPROM memory,EEPROM memory, and non-volatile RAM (NVRAM) memory. The above memorytypes are example only, and are thus not limiting as to the types ofmemory usable for storage of a computer program.

As will be appreciated based on the foregoing specification, theabove-discussed embodiments of the disclosure may be implemented usingcomputer programming or engineering techniques including computersoftware, firmware, hardware or any combination or subset thereof. Anysuch resulting computer program, having computer-readable and/orcomputer-executable instructions, may be embodied or provided within oneor more computer-readable media, thereby making a computer programproduct, i.e., an article of manufacture, according to the discussedembodiments of the disclosure. These computer programs (also known asprograms, software, software applications or code) include machineinstructions for a programmable processor, and can be implemented in ahigh-level procedural and/or object-oriented programming language,and/or in assembly/machine language. As used herein, the terms“machine-readable medium,” “computer-readable medium,” and“computer-readable media” refer to any computer program product,apparatus and/or device (e.g., magnetic discs, optical disks, memory,Programmable Logic Devices (PLDs)) used to provide machine instructionsand/or data to a programmable processor, including a machine-readablemedium that receives machine instructions as a machine-readable signal.The “machine-readable medium,” “computer-readable medium,” and“computer-readable media,” however, do not include transitory signals(i.e., they are “non-transitory”). The term “machine-readable signal”refers to any signal used to provide machine instructions and/or data toa programmable processor.

The above-described embodiments of a method and system provide a fraudrisk scoring system that uses distributed processing to eliminateinterruptions in determining whether electronic payment transactions arefraudulent. As a result, the methods and systems described herein enablean electronic payment processing network to provide highly robust andfailure tolerant fraud scoring of electronic payment transaction signalsto allow the payment processing network to determine whether aparticular payment transaction is fraudulent while the transaction isbeing processed, rather than after a payment purchase has already beencompleted. More specifically, the systems and methods described hereinenable the payment network to perform such fraud risk scoring even whilemaintenance is being performed on the fraud risk scoring system. Byproviding such highly reliable and robust fraud scoring, the systems andmethods described herein enable a payment network infrastructure tooperate more efficiently, by reducing the amount of additionaltransactions that would otherwise need to be transmitted and processedin order to correct (e.g., apply adjustments to) payment transactionsthat should have been declined due to fraud.

This written description uses examples, including the best mode, toenable any person skilled in the art to practice the disclosure,including making and using any devices or systems and performing anyincorporated methods. The patentable scope of the disclosure is definedby the claims, and may include other examples that occur to thoseskilled in the art. Such other examples are intended to be within thescope of the claims if they have structural elements that do not differfrom the literal language of the claims, or if they include equivalentstructural elements with insubstantial differences from the literallanguages of the claims.

The invention claimed is:
 1. A co-processing fraud risk scoring systemfor scoring electronic payment transactions for potential fraud, saidfraud risk scoring system comprising a message processor computingdevice in communication with a payment network, a first scoringcomputing device coupled to the message processor computing device, anda second scoring computing device coupled to the message processorcomputing device, said fraud risk scoring system configured to: receivea first authorization request message for a first payment transaction;determine that the first authorization request message includes a firstcardholder account number that includes an odd numbered bankidentification number; transmit the first authorization request messageto the first scoring computing device to generate a first fraud riskscore for the first authorization request message based on a first setof rules stored by a first database and a first profile associated withthe first cardholder account; receive a second authorization requestmessage for a second payment transaction; determine that the secondauthorization request message includes a second cardholder accountnumber that includes an even numbered bank identification number;transmit the second authorization request message to the second scoringcomputing device to generate a second fraud risk score for the secondauthorization request message, based on a second set of rules stored bya second database and a second profile associated with the secondcardholder account; determine that the first scoring computing device isnot operating; terminate any processes for replicating data between thefirst database and the second database; generate profile update requestmessages associated with both odd and even numbered bank identificationnumbers at the second scoring computing device and store the profileupdate request messages for processing by the first scoring computingdevice when the first scoring computing device is operational;subsequently determine that the first scoring computing device isoperational; and transmit all stored profile update request messagesfrom the second scoring computing device to the first scoring computingdevice.
 2. The co-processing fraud risk scoring system of claim 1,further configured to: generate, by the first scoring computing device,a first profile update request message to update the first profileassociated with the first cardholder account; transmit the first profileupdate request message to the second scoring computing device; generate,by the second scoring computing device, a second profile update requestmessage to update the second profile associated with the secondcardholder account; and transmit the profile update request message tothe first scoring computing device.
 3. The co-processing fraud riskscoring system of claim 1, further configured to: synchronize the secondset of rules stored in the second database with the first set of rulesstored in the first database.
 4. The co-processing fraud risk scoringsystem of claim 1, further configured such that transmitting the firstauthorization request message further comprises transmitting at leastone of a real time and a near real time authorization request message tothe first scoring computing device.
 5. The co-processing fraud riskscoring system of claim 1, further configured to: generate, by the firstscoring computing device and the second scoring computing device,authorization response messages for each respective authorizationrequest message received; update corresponding cardholder profiles basedon the authorization request messages; and store the updated cardholderprofiles in the first database and the second database.
 6. Theco-processing fraud risk scoring system of claim 1, further configuredsuch that the first scoring computing device and the second scoringcomputing device update cardholder profiles in response to profileupdate request messages without storing the profile update requestmessages in the first database or the second database.
 7. Theco-processing fraud risk scoring system of claim 1, further configuredto: receive cardholder demographics and nonmonetary data at the firstscoring computing device and the second scoring computing device; andupdate cardholder profiles using the received cardholder demographicsand nonmonetary data.
 8. The co-processing fraud risk scoring system ofclaim 1, further configured to: determine that the first rules stored inthe first database do not match the second rules stored in the seconddatabase; and synchronize the first rules with the second rules.
 9. Theco-processing fraud risk scoring system of claim 1, further configuredto replicate data between the first database and the second database ata predefined interval.
 10. A method for scoring electronic paymenttransactions for potential fraud, said method is implemented by aco-processing fraud risk scoring system that includes a messageprocessor computing device in communication with a payment network, afirst scoring computing device coupled to the message processorcomputing device, and a second scoring computing device coupled to themessage processor computing device, said method comprising: receiving,by the co-processing fraud risk scoring system, a first authorizationrequest message for a first payment transaction; determining, by theco-processing fraud risk scoring system, that the first authorizationrequest message includes a first cardholder account number that includesan odd numbered bank identification number; transmitting, by theco-processing fraud risk scoring system, the first authorization requestmessage to the first scoring computing device to generate a first fraudrisk score for the first authorization request message based on a firstset of rules stored by a first database and a first profile associatedwith the first cardholder account; receiving, by the co-processing fraudrisk scoring system, a second authorization request message for a secondpayment transaction; determining, by the co-processing fraud riskscoring system, that the second authorization request message includes asecond cardholder account number that includes an even numbered bankidentification number; transmitting, by the co-processing fraud riskscoring system, the second authorization request message to the secondscoring computing device to generate a second fraud risk score for thesecond authorization request message, based on a second set of rulesstored by a second database and a second profile associated with thesecond cardholder account; determining that the first scoring computingdevice is not operating; terminating any processes for replicating databetween the first database and the second database; generating profileupdate request messages associated with both odd and even numbered bankidentification numbers at the second scoring computing device and storethe profile update request messages for processing by the first scoringcomputing device when the first scoring computing device is operational;subsequently determining that the first scoring computing device isoperational; and transmitting all stored profile update request messagesfrom the second scoring computing device to the first scoring computingdevice.
 11. The method of claim 10, further comprising: generating, bythe first scoring computing device, a first profile update requestmessage to update the first profile associated with the first cardholderaccount; transmitting the first profile update request message to thesecond scoring computing device; generating, by the second scoringcomputing device, a second profile update request message to update thesecond profile associated with the second cardholder account; andtransmitting the profile update request message to the first scoringcomputing device.
 12. The method of claim 10, further comprising:synchronizing the second set of rules stored in the second database withthe first set of rules stored in the first database.
 13. The method ofclaim 10, wherein transmitting the first authorization request messagefurther comprises transmitting at least one of a real time and a nearreal time authorization request message to the first scoring computingdevice.
 14. The method of claim 10, further comprising: generating, bythe first scoring computing device and the second scoring computingdevice, authorization response messages for each respectiveauthorization request message received; updating correspondingcardholder profiles based on the authorization request messages; andstoring the updated cardholder profiles in the first database and thesecond database.
 15. The method of claim 10, further comprising updatingcardholder profiles in response to profile update request messageswithout storing the profile update request messages in the firstdatabase or the second database.
 16. The method of claim 10, furthercomprising: receiving cardholder demographics and nonmonetary data atthe first scoring computing device and the second scoring computingdevice; and updating cardholder profiles using the received cardholderdemographics and nonmonetary data.
 17. The method of claim 10, furthercomprising: determining that the first rules stored in the firstdatabase do not match the second rules stored in the second database;and synchronizing the first rules with the second rules.
 18. The methodof claim 10, further comprising replicating data between the firstdatabase and the second database at a predefined interval.
 19. Anon-transitory computer-readable storage medium havingcomputer-executable instructions embodied thereon, wherein when executedby a one or more processors of a co-processing fraud risk scoring systemthat includes a message processor computing device in communication witha payment network, a first scoring computing device coupled to themessage processor computing device, and a second scoring computingdevice coupled to the message processor computing device, thecomputer-executable instructions cause the fraud risk scoring system to:receive a first authorization request message for a first paymenttransaction; determine that the first authorization request messageincludes a first cardholder account number that includes an odd numberedbank identification number; transmit the first authorization requestmessage to the first scoring computing device to generate a first fraudrisk score for the first authorization request message based on a firstset of rules stored by a first database and a first profile associatedwith the first cardholder account; receive a second authorizationrequest message for a second payment transaction; determine that thesecond authorization request message includes a second cardholderaccount number that includes an even numbered bank identificationnumber; transmit the second authorization request message to the secondscoring computing device to generate a second fraud risk score for thesecond authorization request message, based on a second set of rulesstored by a second database and a second profile associated with thesecond cardholder account; determine that the first scoring computingdevice is not operating; terminate any processes for replicating databetween the first database and the second database; generate profileupdate request messages associated with both odd and even numbered bankidentification numbers at the second scoring computing device and storethe profile update request messages for processing by the first scoringcomputing device when the first scoring computing device is operational;subsequently determine that the first scoring computing device isoperational; and transmit all stored profile update request messagesfrom the second scoring computing device to the first scoring computingdevice.
 20. The non-transitory computer-readable storage medium of claim19, wherein said computer-readable instructions additionally cause thefraud risk scoring system to: generate, by the first scoring computingdevice, a first profile update request message to update the firstprofile associated with the first cardholder account; transmit the firstprofile update request message to the second scoring computing device;generate, by the second scoring computing device, a second profileupdate request message to update the second profile associated with thesecond cardholder account; and transmit the profile update requestmessage to the first scoring computing device.